HTTP Method Remote Format String

Critical Nessus Plugin ID 11801


It is possible to execute code on the remote host through the web server.


The remote web server seems to be vulnerable to a format string attack on the method name. An attacker might use this flaw to make it crash or even execute arbitrary code on this host.


Upgrade your software or contact your vendor and inform him of this vulnerability.

Plugin Details

Severity: Critical

ID: 11801

File Name: http_method_format_string.nasl

Version: $Revision: 1.19 $

Type: remote

Family: Web Servers

Published: 2003/07/23

Modified: 2014/05/26

Dependencies: 10107

Risk Information

Risk Factor: Critical


Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport